Secure and Audit the Virtual Infrastructures
Virtualization adds a layer of complexity to the compliance and security challenge. Physical to virtual migrations open the door for compliance exceptions, even at the virtual machine level, by introducing changes to the original physical implementation. The hypervisor itself adds a potential threat vector, while the virtualized network hides some network traffic from traditional security systems (e.g., network IDS, gateways). These risks can be addressed by:
- Evaluating the security configuration of both the hypervisor (ESX) and the virtual machines
- Comparing post-migration configurations to pre-migration configurations
- Monitoring privileged user activity and changes at the virtual machines, avoiding the dependency on seeing network traffic
NetIQ’s solution support the latest standards for VMware security published by the Center for Internet Security and helps easily demonstrate compliance while improving security and control.
NetIQ Supporting Products
 |
NetIQ Secure Configuration Manager NetIQ Secure Configuration Manager automatically assesses and baselines the configuration of both ESX Server and the virtual machines (OS, databases, web servers, etc.), and leverages best practices such as the Center for Internet Security benchmarks (including the benchmark for ESX Server). |
 |
NetIQ Security Manager monitors user activity, detects changes, and provides log consolidation and reporting of the ESX Server and virtual machine systems. |
 |
Third Brigade Deep Security provides host-based intrusion defense for Windows, Unix, and Linux VMs as well as Virtual Server hosts, helping to protect against both known and zero-day attacks and shield vulnerabilities in critical and hard to patch systems. |
